India wants iOS source code, and they're not going to get it

A graphic Apple created for the launch of its online Apple Store in India in 2020 - Image credit: Apple

India is yet again attempting to bully Apple by demanding access to iOS source code. It's not going to work.

While governments have tried to interfere with the management and security of mobile devices for years, India has somehow become one of the biggest thorns in Apple's side. In the latest salvo, India seems intent on forcing Apple to hand over its source code.

A package of 83 security standards has been proposed that covers many different areas. According to Reuters, Apple, Google, Samsung, Xiaomi, and MAIT have objected due to there not being any global precedent for the demands, with it also revealing proprietary details.

The raft of demands ranges from the simple to the more difficult to achieve. At one end are requirements to advise the government of any major updates, making and storing security audit logs for 12 months, and periodically prompting users to review permissions.

At the other is a demand to disclose source code. Manufacturers would have to test and provide source code for review by government-designated labs to check for vulnerabilities.

The standards were originally drafted back in 2023, but are only just now being considered by the government to become legal requirements in the country.

The tech companies are naturally against the measures, due to a lack of precedent and obvious security and privacy concerns. Executives from the firms are anticipated to meet on Tuesday to discuss the matter.

IT Secretary S. Krishnan told the report that the government will address legitimate concerns "with an open mind" and that it was "premature to read more" into the topic.

A source code non-starter

In response to the proposals, tech industry group MAIT said that the source code review is not possible due to secrecy and privacy requirements, a confidential document made in response to the proposals supplied to the report stated.

It's also something not carried out elsewhere in the world. "Major countries in the EU, North America, Australia, and Africa do not mandate these requirements" the document continued.

Aside from the general sentiment about the proposal, it would be an extremely tough task to convince Apple to supply the source code for inspection in the first place.

Apple has historically been defensive about its most sensitive software elements. While it has had to release some components for public viewing in the past, such as when it used open-source elements behind OS X El Capitan in 2015, it has been keen to resist handing over other elements for review.

An example of the thinking behind it is the multi-year encryption debate, which has seen governments around the world urging Apple to install a backdoor to get around its encryption measures. Despite demands to do so, Apple has resisted implementing them.

It's done so to such a degree that, in the UK, Apple would rather disable data protection on its devices in the country than break its end-to-end encryption.

The same argument can be made for source code. By handing the source code over to inspection, Apple exposes the more sensitive security-related elements, which opens up the possibility for an attacker to more easily find vulnerabilities.

Governments may claim that the facilities they clear are secure, but to major companies like Apple, there's no guarantee of that at all. Indeed, to safeguard its platforms, Apple could easily justify that it would be safer not to share the source code in the first place.

A continued India push

The report is the latest instance of India attempting to pressure tech companies to comply with security in some way in recent years.

Most recently, this has included demands for Apple and other smartphone makers to pre-install the government-sanctioned Sanchar Saathi app onto new smartphones. The government said it was meant to prevent cyberthreats and to reduce the number of devices on the black market.

Earlier in 2025, India attempted to convince Apple and Google to preinstall state-backed apps onto devices. At the time, there were undertones that India would force the companies to do so via changes to the law.

After the private order became publicly known about, the government quickly backtracked.

It's also not the first time India has tried to get source code from Apple. In 2023, rules were proposed to force Apple and others to send security updates to the government for pre-screening.

Without any hint of irony, an unnamed official at the time explained that preinstalled apps "can be a weak security point and we want to ensure no foreign nations, including China, are exploiting it." It was a "national security" issue, the official continued.

It certainly seems doubtful that Apple would agree to send India the source code for security checks. Even if Apple is compelled to do so, it will provide only the bare minimum code, and put up a fight to avoid doing that, too.

Comments

nubus · 1145 comments · 10 Years About 3 months ago

Microsoft is running several Transparency Centers where government authorities can visit and see source code, test cryptography, and more. China, Australia, and more have access to source code. It is possible.

mark fearing · 515 comments · 18 Years About 3 months ago

nubus said:

Microsoft is running several Transparency Centers where government authorities can visit and see source code, test cryptography, and more. China, Australia, and more have access to source code. It is possible.

And look how it's stopped all the security issues with Windows! Yes, I'm being sarcastic...

paisleydisco · 243 comments · 9 Years About 3 months ago

LOL

Luis.A.Masanti · 118 comments · 2 Years About 3 months ago

The only interest of governments is… to spy and control its citizens.
As back-doors failed… they use to claim CSAM or other ‘dangers’ for citizens.

Just plain lies.

22july2013 · 4042 comments · 13 Years About 3 months ago

India has a simple solution. Just pass a law making it illegal for any foreign corporation to export products (hardware or software products) that use any form of cryptography into India. The Indian government could still allow local companies to sell apps that use cryptography, which could be required to have the back doors that the Indian government wants. Apple would have to disable any security features of iOS. I think Apple already does this for China, which has laws to this effect. India simply has to copy China's approach.

Share Your Thoughts on our Forums ->

News

India wants iOS source code, and they're not going to get it

A source code non-starter

A continued India push

Wedbush biggest bull on Apple with huge target price jump to $400

iOS 26 review one year later: Liquid Glass complaints hide the real problem

Apple Store education purchase verification process expands to US

Students & teachers can get educational pricing on Apple Watch

How to pause Activity Rings in watchOS 26 when you need a break

Canadian encryption law could force Apple to take drastic action like in UK

GameSir Pocket Taco review: an emulator-friendly retro controller with some tradeoffs

Apple can't avoid $4.1 billion iCloud suit in UK

Follow us on Social Media

A source code non-starter

A continued India push